Compare commits
6 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 23f61eb60b | |||
| a4ad6c59c1 | |||
| e67eff0fcc | |||
| e5db2e171c | |||
| 7389072841 | |||
| 9dd56a9362 |
19
changelog.md
19
changelog.md
@ -1,5 +1,24 @@
|
||||
# Changelog
|
||||
|
||||
## 2025-02-21 - 3.3.0 - feat(PortProxy)
|
||||
Enhanced PortProxy with domain and IP filtering, SNI support, and minimatch integration
|
||||
|
||||
- Added new ProxySettings interface to configure domain patterns, SNI, and default allowed IPs.
|
||||
- Integrated minimatch to filter allowed IPs and domains.
|
||||
- Enabled SNI support for PortProxy connections.
|
||||
- Updated port proxy test to accommodate new settings.
|
||||
|
||||
## 2025-02-04 - 3.2.0 - feat(testing)
|
||||
Added a comprehensive test suite for the PortProxy class
|
||||
|
||||
- Set up a test environment for PortProxy using net.Server.
|
||||
- Test coverage includes starting and stopping the proxy, handling TCP connections, concurrent connections, and timeouts.
|
||||
- Ensures proper resource cleanup after tests.
|
||||
|
||||
## 2025-02-04 - 3.1.4 - fix(core)
|
||||
No uncommitted changes. Preparing for potential minor improvements or bug fixes.
|
||||
|
||||
|
||||
## 2025-02-04 - 3.1.3 - fix(networkproxy)
|
||||
Refactor and improve WebSocket handling and request processing
|
||||
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
{
|
||||
"name": "@push.rocks/smartproxy",
|
||||
"version": "3.1.3",
|
||||
"version": "3.3.0",
|
||||
"private": false,
|
||||
"description": "a proxy for handling high workloads of proxying",
|
||||
"main": "dist_ts/index.js",
|
||||
@ -30,7 +30,9 @@
|
||||
"@push.rocks/smartstring": "^4.0.15",
|
||||
"@tsclass/tsclass": "^4.4.0",
|
||||
"@types/ws": "^8.5.14",
|
||||
"ws": "^8.18.0"
|
||||
"ws": "^8.18.0",
|
||||
"minimatch": "^9.0.3",
|
||||
"@types/minimatch": "^5.1.2"
|
||||
},
|
||||
"files": [
|
||||
"ts/**/*",
|
||||
|
||||
6
pnpm-lock.yaml
generated
6
pnpm-lock.yaml
generated
@ -26,9 +26,15 @@ importers:
|
||||
'@tsclass/tsclass':
|
||||
specifier: ^4.4.0
|
||||
version: 4.4.0
|
||||
'@types/minimatch':
|
||||
specifier: ^5.1.2
|
||||
version: 5.1.2
|
||||
'@types/ws':
|
||||
specifier: ^8.5.14
|
||||
version: 8.5.14
|
||||
minimatch:
|
||||
specifier: ^9.0.3
|
||||
version: 9.0.5
|
||||
ws:
|
||||
specifier: ^8.18.0
|
||||
version: 8.18.0
|
||||
|
||||
123
test/test.portproxy.ts
Normal file
123
test/test.portproxy.ts
Normal file
@ -0,0 +1,123 @@
|
||||
import { expect, tap } from '@push.rocks/tapbundle';
|
||||
import * as net from 'net';
|
||||
import { PortProxy } from '../ts/smartproxy.portproxy.js';
|
||||
|
||||
let testServer: net.Server;
|
||||
let portProxy: PortProxy;
|
||||
const TEST_SERVER_PORT = 4000;
|
||||
const PROXY_PORT = 4001;
|
||||
const TEST_DATA = 'Hello through port proxy!';
|
||||
|
||||
// Helper function to create a test TCP server
|
||||
function createTestServer(port: number): Promise<net.Server> {
|
||||
return new Promise((resolve) => {
|
||||
const server = net.createServer((socket) => {
|
||||
socket.on('data', (data) => {
|
||||
// Echo the received data back
|
||||
socket.write(`Echo: ${data.toString()}`);
|
||||
});
|
||||
|
||||
socket.on('error', (error) => {
|
||||
console.error('[Test Server] Socket error:', error);
|
||||
});
|
||||
});
|
||||
|
||||
server.listen(port, () => {
|
||||
console.log(`[Test Server] Listening on port ${port}`);
|
||||
resolve(server);
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
// Helper function to create a test client connection
|
||||
function createTestClient(port: number, data: string): Promise<string> {
|
||||
return new Promise((resolve, reject) => {
|
||||
const client = new net.Socket();
|
||||
let response = '';
|
||||
|
||||
client.connect(port, 'localhost', () => {
|
||||
console.log('[Test Client] Connected to server');
|
||||
client.write(data);
|
||||
});
|
||||
|
||||
client.on('data', (chunk) => {
|
||||
response += chunk.toString();
|
||||
client.end();
|
||||
});
|
||||
|
||||
client.on('end', () => {
|
||||
resolve(response);
|
||||
});
|
||||
|
||||
client.on('error', (error) => {
|
||||
reject(error);
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
// Setup test environment
|
||||
tap.test('setup port proxy test environment', async () => {
|
||||
testServer = await createTestServer(TEST_SERVER_PORT);
|
||||
portProxy = new PortProxy(PROXY_PORT, TEST_SERVER_PORT, {
|
||||
domains: [],
|
||||
sniEnabled: false,
|
||||
defaultAllowedIPs: ['127.0.0.1', '::ffff:127.0.0.1']
|
||||
});
|
||||
});
|
||||
|
||||
tap.test('should start port proxy', async () => {
|
||||
await portProxy.start();
|
||||
expect(portProxy.netServer.listening).toBeTrue();
|
||||
});
|
||||
|
||||
tap.test('should forward TCP connections and data', async () => {
|
||||
const response = await createTestClient(PROXY_PORT, TEST_DATA);
|
||||
expect(response).toEqual(`Echo: ${TEST_DATA}`);
|
||||
});
|
||||
|
||||
tap.test('should handle multiple concurrent connections', async () => {
|
||||
const concurrentRequests = 5;
|
||||
const requests = Array(concurrentRequests).fill(null).map((_, i) =>
|
||||
createTestClient(PROXY_PORT, `${TEST_DATA} ${i + 1}`)
|
||||
);
|
||||
|
||||
const responses = await Promise.all(requests);
|
||||
|
||||
responses.forEach((response, i) => {
|
||||
expect(response).toEqual(`Echo: ${TEST_DATA} ${i + 1}`);
|
||||
});
|
||||
});
|
||||
|
||||
tap.test('should handle connection timeouts', async () => {
|
||||
const client = new net.Socket();
|
||||
|
||||
await new Promise<void>((resolve) => {
|
||||
client.connect(PROXY_PORT, 'localhost', () => {
|
||||
// Don't send any data, just wait for timeout
|
||||
client.on('close', () => {
|
||||
resolve();
|
||||
});
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
tap.test('should stop port proxy', async () => {
|
||||
await portProxy.stop();
|
||||
expect(portProxy.netServer.listening).toBeFalse();
|
||||
});
|
||||
|
||||
// Cleanup
|
||||
tap.test('cleanup port proxy test environment', async () => {
|
||||
await new Promise<void>((resolve) => testServer.close(() => resolve()));
|
||||
});
|
||||
|
||||
process.on('exit', () => {
|
||||
if (testServer) {
|
||||
testServer.close();
|
||||
}
|
||||
if (portProxy && portProxy.netServer) {
|
||||
portProxy.stop();
|
||||
}
|
||||
});
|
||||
|
||||
export default tap.start();
|
||||
@ -3,6 +3,6 @@
|
||||
*/
|
||||
export const commitinfo = {
|
||||
name: '@push.rocks/smartproxy',
|
||||
version: '3.1.3',
|
||||
version: '3.3.0',
|
||||
description: 'a proxy for handling high workloads of proxying'
|
||||
}
|
||||
|
||||
@ -23,5 +23,6 @@ export { lik, smartdelay, smartrequest, smartpromise, smartstring };
|
||||
// third party scope
|
||||
import * as ws from 'ws';
|
||||
import wsDefault from 'ws';
|
||||
import { minimatch } from 'minimatch';
|
||||
|
||||
export { wsDefault, ws };
|
||||
export { wsDefault, ws, minimatch };
|
||||
|
||||
@ -1,14 +1,30 @@
|
||||
import * as plugins from './smartproxy.plugins.js';
|
||||
import * as net from 'net';
|
||||
import * as tls from 'tls';
|
||||
|
||||
|
||||
export interface DomainConfig {
|
||||
domain: string; // glob pattern for domain
|
||||
allowedIPs: string[]; // glob patterns for IPs allowed to access this domain
|
||||
}
|
||||
|
||||
export interface ProxySettings {
|
||||
domains: DomainConfig[];
|
||||
sniEnabled?: boolean;
|
||||
tlsOptions?: tls.TlsOptions;
|
||||
defaultAllowedIPs?: string[]; // Optional default IP patterns if no matching domain found
|
||||
}
|
||||
|
||||
export class PortProxy {
|
||||
netServer: plugins.net.Server;
|
||||
fromPort: number;
|
||||
toPort: number;
|
||||
settings: ProxySettings;
|
||||
|
||||
constructor(fromPortArg: number, toPortArg: number) {
|
||||
constructor(fromPortArg: number, toPortArg: number, settings: ProxySettings) {
|
||||
this.fromPort = fromPortArg;
|
||||
this.toPort = toPortArg;
|
||||
this.settings = settings;
|
||||
}
|
||||
|
||||
public async start() {
|
||||
@ -22,8 +38,43 @@ export class PortProxy {
|
||||
from.destroy();
|
||||
to.destroy();
|
||||
};
|
||||
this.netServer = net
|
||||
.createServer((from) => {
|
||||
const isAllowed = (value: string, patterns: string[]): boolean => {
|
||||
return patterns.some(pattern => plugins.minimatch(value, pattern));
|
||||
};
|
||||
|
||||
const findMatchingDomain = (serverName: string): DomainConfig | undefined => {
|
||||
return this.settings.domains.find(config => plugins.minimatch(serverName, config.domain));
|
||||
};
|
||||
|
||||
const server = this.settings.sniEnabled ? tls.createServer(this.settings.tlsOptions || {}) : net.createServer();
|
||||
|
||||
this.netServer = server.on('connection', (from: net.Socket) => {
|
||||
const remoteIP = from.remoteAddress || '';
|
||||
if (this.settings.sniEnabled && from instanceof tls.TLSSocket) {
|
||||
const serverName = (from as any).servername || '';
|
||||
const domainConfig = findMatchingDomain(serverName);
|
||||
|
||||
if (!domainConfig) {
|
||||
// If no matching domain config found, check default IPs if available
|
||||
if (!this.settings.defaultAllowedIPs || !isAllowed(remoteIP, this.settings.defaultAllowedIPs)) {
|
||||
console.log(`Connection rejected: No matching domain config for ${serverName} from IP ${remoteIP}`);
|
||||
from.end();
|
||||
return;
|
||||
}
|
||||
} else {
|
||||
// Check if IP is allowed for this domain
|
||||
if (!isAllowed(remoteIP, domainConfig.allowedIPs)) {
|
||||
console.log(`Connection rejected: IP ${remoteIP} not allowed for domain ${serverName}`);
|
||||
from.end();
|
||||
return;
|
||||
}
|
||||
}
|
||||
} else if (!this.settings.defaultAllowedIPs || !isAllowed(remoteIP, this.settings.defaultAllowedIPs)) {
|
||||
console.log(`Connection rejected: IP ${remoteIP} not allowed for non-SNI connection`);
|
||||
from.end();
|
||||
return;
|
||||
}
|
||||
|
||||
const to = net.createConnection({
|
||||
host: 'localhost',
|
||||
port: this.toPort,
|
||||
|
||||
Reference in New Issue
Block a user